[34268] in North American Network Operators' Group
Re: [NANOG] Re: Reasons why BIND isn't being upgraded
daemon@ATHENA.MIT.EDU (Pete Ehlke)
Thu Feb 1 21:25:57 2001
Date: Thu, 1 Feb 2001 18:16:32 -0800
From: Pete Ehlke <pde@ehlke.net>
To: Pim van Riezen <pi@vuurwerk.nl>
Cc: nanog@merit.edu
Message-ID: <20010201181632.A4361@ehlke.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <Pine.SGI.4.30.0102020213310.115762-100000@jones.lab.madscience.nl>; from pi@vuurwerk.nl on Fri, Feb 02, 2001 at 02:22:56AM +0100
Errors-To: owner-nanog-outgoing@merit.edu
Pim van Riezen (pi@vuurwerk.nl) said, on [010201 17:29]:
>
> This is untrue. I expected this same thing. Then I ran into these gems of
> bogosity while updating 8.2.2-P7 to 8.2.3:
>
> (1) 8.2.3 Doesn't accept the "(" in the SOA string to be on the next line
> after the IN SOA. Our script-generated zonefiles, about 45000 of them,
> all had this.
Not accepting a bogus zone file is hardly classifiable as "bogosity".
>
> documentation (README, CHANGES) mentions any of these problems and I've
> been bitten by them. Yes we're running 8.2.3-REL fine now, but it took a
> couple of _expensive_ reloads to get everything right. If ISC wants my
> trust in the future of their codebase, they will have to work on seeing
> the difference between an "architecture upgrade" and a "security patch".
>
So, you deployed a new version of bind to a non-trivial set of
production servers without doing any testing on development or QA
systems, and you're blaming your production problems on the isc? I'm
fairly certain that I'm glad you're not running my network,
thankyewverymuch.
-P.
